General

  • Target

    8970ab5f181d4d7796dae8adc4326d6da14eda07741086cc551ab7dddf933e19

  • Size

    690KB

  • MD5

    81ed6dcb795201a907f16ce79baa0a56

  • SHA1

    eb021f72c8b0cc17c36e8eab5dabc45e7e47aa5e

  • SHA256

    8970ab5f181d4d7796dae8adc4326d6da14eda07741086cc551ab7dddf933e19

  • SHA512

    b9bd7cf934d7427772162e13753e2961d80117cc3f3fe87b488450f8991412510f138eb60a0438eec7b89e46f15de2c5cbe801b8e9092ae2df503cc87cb3b91c

  • SSDEEP

    12288:Z9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hA4:jZ1xuVVjfFoynPaVBUR8f+kN10EB3

Score
10/10

Malware Config

Extracted

Family

darkcomet

Botnet

Guest16

C2

abdulla-omer.no-ip.org:1604

Mutex

DC_MUTEX-TWQ3SUY

Attributes
  • InstallPath

    System32\SysConf.exe

  • gencode

    ea0LncChfRvj

  • install

    true

  • offline_keylogger

    true

  • persistence

    true

  • reg_key

    SystemConf
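The fields above are what a config extractor pulls out of the sample's DarkComet configuration. The following is an added example, not code from the sandbox report or from the DarkComet project, showing how such a blob is decrypted and normalised into the report's field names. It assumes the commonly documented DarkComet 5.x conventions (RC4 with the version key "#KCMDDC51#-890", a KEY={VALUE} text layout with MUTEX, SID, NETDATA, GENCODE, INSTALL, EDTPATH, KEYNAME, PERSINST and OFFLINEK); the plaintext it encrypts is constructed from the values in this report, not dumped from the sample.

```python
"""
Added example (not part of the sandbox report or DarkComet itself):
rebuild the report's "Malware Config" fields from a DarkComet config blob.
The RC4 key "#KCMDDC51#-890" and the KEY={VALUE} layout are the commonly
documented DarkComet 5.x conventions and are an assumption here; the
plaintext below is constructed from the report values, not from the sample.
"""

RC4_KEY_51 = b"#KCMDDC51#-890"   # assumption: DarkComet 5.1 default key


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA); encryption and decryption are the same op."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


# Constructed plaintext in the assumed KEY={VALUE} layout, filled with the
# values this report extracted.
CONSTRUCTED_CONFIG = b"""#BEGIN DARKCOMET DATA --
MUTEX={DC_MUTEX-TWQ3SUY}
SID={Guest16}
NETDATA={abdulla-omer.no-ip.org:1604}
GENCODE={ea0LncChfRvj}
INSTALL={1}
EDTPATH={System32\\SysConf.exe}
KEYNAME={SystemConf}
PERSINST={1}
OFFLINEK={1}
#EOF DARKCOMET DATA --
"""

# Stand-in for the RC4-encrypted resource blob a real sample carries.
ENCRYPTED_BLOB = rc4(RC4_KEY_51, CONSTRUCTED_CONFIG)


def parse_config(plaintext: bytes) -> dict:
    """Turn KEY={VALUE} lines into a dict; the #BEGIN/#EOF markers are skipped."""
    fields = {}
    for line in plaintext.decode("latin-1").splitlines():
        if "={" not in line or not line.endswith("}"):
            continue
        key, value = line.split("={", 1)
        fields[key.strip()] = value[:-1]
    return fields


# Assumed mapping from raw config keys to the names used in the report.
REPORT_FIELDS = {
    "MUTEX": "mutex", "SID": "botnet", "NETDATA": "c2", "GENCODE": "gencode",
    "EDTPATH": "install_path", "KEYNAME": "reg_key", "INSTALL": "install",
    "PERSINST": "persistence", "OFFLINEK": "offline_keylogger",
}
BOOL_FIELDS = {"install", "persistence", "offline_keylogger"}


def extract(blob: bytes, key: bytes = RC4_KEY_51) -> dict:
    """Decrypt a config blob and normalise it into report-style fields."""
    plain = rc4(key, blob)
    if not plain.startswith(b"#BEGIN DARKCOMET DATA"):
        raise ValueError("wrong RC4 key or not a DarkComet config")
    raw = parse_config(plain)
    report = {}
    for raw_key, name in REPORT_FIELDS.items():
        if raw_key not in raw:
            continue
        report[name] = (raw[raw_key] == "1") if name in BOOL_FIELDS else raw[raw_key]
    if "c2" in report:
        host, _, port = report["c2"].rpartition(":")
        report["c2_host"], report["c2_port"] = host, int(port)
    return report


if __name__ == "__main__":
    for name, value in extract(ENCRYPTED_BLOB).items():
        print(f"{name}: {value}")
```

The marker check after decryption is the practical part: when the key does not match (older builds use a different version string, and a builder password is appended to the key), the output will not start with the #BEGIN marker, which is how an extractor knows to try the next candidate key rather than emitting garbage fields.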

Signatures

Files

  • 8970ab5f181d4d7796dae8adc4326d6da14eda07741086cc551ab7dddf933e19
    .exe windows x86

    e5b4359a3773764a372173074ae9b6bd


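Beyond hash matching on the file listed above, the extracted config gives host and network indicators that survive a rebuild of the binary: the C2 hostname and port, the mutex, the install path and the persistence value name. The following is an added example, not part of the report, that turns those values into an IOC set and runs it over a few constructed Sysmon-style events. The event shape, the assumption that reg_key is a value name under a Run key, and the DC_MUTEX- prefix as a family-wide default are assumptions, not facts read from this sample.

```python
"""
Added example, not part of the sandbox report: derive indicators from the
extracted DarkComet config and match them against constructed endpoint
events. Event layout (Sysmon-like dicts), the Run-key location of the
persistence value, and the DC_MUTEX- default prefix are assumptions.
"""
import re

# Values as extracted in the report above.
CONFIG = {
    "c2": "abdulla-omer.no-ip.org:1604",
    "mutex": "DC_MUTEX-TWQ3SUY",
    "install_path": r"System32\SysConf.exe",
    "reg_key": "SystemConf",
}

# Assumption: the persistence value lands under a CurrentVersion\Run key.
RUN_KEY_RE = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\", re.I)


def build_iocs(cfg: dict) -> dict:
    """Normalise the config values into comparable indicators."""
    host, _, port = cfg["c2"].rpartition(":")
    return {
        "c2_host": host.lower(),
        "c2_port": int(port),
        "mutex": cfg["mutex"],
        "mutex_prefix": "DC_MUTEX-",          # assumed family-wide default prefix
        "install_suffix": cfg["install_path"].lower(),
        "run_value": cfg["reg_key"].lower(),
    }


def match_event(ev: dict, ioc: dict) -> list:
    """Return the reasons this event matches the IOC set (empty list = clean)."""
    hits = []
    t = ev.get("type")
    if t == "dns" and ev.get("query", "").lower().rstrip(".") == ioc["c2_host"]:
        hits.append("dns query for C2 host")
    if (t == "connect" and ev.get("dst_port") == ioc["c2_port"]
            and ev.get("dst_host", "").lower() == ioc["c2_host"]):
        hits.append("TCP connect to C2 host:port")
    if t == "process" and ev.get("image", "").lower().endswith(ioc["install_suffix"]):
        hits.append("process running from configured InstallPath")
    if t == "registry" and RUN_KEY_RE.search(ev.get("target", "")):
        value_name = ev["target"].rsplit("\\", 1)[-1].lower()
        if value_name == ioc["run_value"]:
            hits.append("Run-key value matching reg_key")
    if t == "mutex":
        name = ev.get("name", "")
        if name == ioc["mutex"]:
            hits.append("exact DarkComet mutex")
        elif name.startswith(ioc["mutex_prefix"]):
            hits.append("DarkComet-style mutex prefix")
    return hits


def scan(events: list, cfg: dict) -> list:
    """Return (index, reasons) for every event that matches at least one IOC."""
    ioc = build_iocs(cfg)
    return [(i, hits) for i, ev in enumerate(events) if (hits := match_event(ev, ioc))]


# Constructed events: the first five should fire, the last two are benign noise.
EVENTS = [
    {"type": "dns", "image": "C:\\Windows\\System32\\SysConf.exe",
     "query": "abdulla-omer.no-ip.org"},
    {"type": "connect", "dst_host": "abdulla-omer.no-ip.org", "dst_port": 1604},
    {"type": "process", "image": "C:\\Windows\\System32\\SysConf.exe",
     "parent": "explorer.exe"},
    {"type": "registry",
     "target": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\SystemConf",
     "details": "C:\\Windows\\System32\\SysConf.exe"},
    {"type": "mutex", "name": "DC_MUTEX-TWQ3SUY"},
    {"type": "dns", "image": "C:\\Windows\\System32\\svchost.exe",
     "query": "ctldl.windowsupdate.com"},
    {"type": "registry",
     "target": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\OneDrive",
     "details": "C:\\Users\\user\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe"},
]

if __name__ == "__main__":
    for idx, reasons in scan(EVENTS, CONFIG):
        print(idx, EVENTS[idx]["type"], "->", "; ".join(reasons))
```

The hostname check deliberately ignores the resolved address: the C2 is a no-ip dynamic DNS name, so the IP can change between runs while the name in the config does not, which makes the name the more stable indicator. The prefix match on DC_MUTEX- is the only family-level rule here; the other four are sample-specific and should be expected to change with every rebuild.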